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Abstract 

We show how one can use non-prime-power, composite moduli for computing repre- 
U: sentations of the product of two n X n matrices using only n 2+ °^ multiplications. 

O ! 1 Introduction 

. The matrix multiplication is a basic operation in mathematics in applications in almost every 

£> | branch of mathematics itself, and also in the science and engineering in general. An impor- 

tant problem is finding algorithms for fast matrix multiplication. The natural algorithm for 
computing the product of two n x n matrices uses n 3 multiplications. The first, surprising 
algorithm for fast matrix multiplication was the recursive method of Strassen |Str69j . with 
n 2 multiplications. The best known algorithm today was given by Coppersmith and Wino- 
grad |CW9f)| . requiring only n 2 376 multiplications. Some of these methods can be applied 
^5 '. successfully in practice for the multiplication of large matrices [Bai88 j . 

The best lower bounds for the number of needed multiplications are between 2.5n 2 and 
3n 2 , depending on the underlying fields (see |Bla99j , [Bsh89 , Shp01| ) . A celebrated result of 



O 



Raz Raz02 is an fl(n 2 log re) lower bound for the number of multiplications, if only bounded 
5h ' scalar multipliers can be used in the algorithm. 

The main result of the present paper is an algorithm with n 2+ °^ multiplications for 
computing a representation of the matrix product modulo non-prime power composite num- 
bers (e.g., 6). The algorithm is a straightforward application of a method of computing the 
representation of the dot-product of two length-n vectors with multiplications. 



2 Preliminaries 

In |Gro02| we gave the definition of the a-strong (i.e., alternative- strong) representation of 
polynomials. Here we define the alternative, and the 0-a-strong and the 1-a-strong represen- 
tations of polynomials. Note that the 0-a-strong representation, defined here, coincides with 
the a-strong representation of the paper |(Trof)2| . 

Note also, that for prime or prime-power moduli, polynomials and their representations 
(defined below), coincide. 
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Definition 1 Let m be a composite number m = p e ^p e 2 ■ ■ ■ p e / ■ Let Z m denote the ring of 
modulo m integers. Let f be a polynomial of n variables over Z m : 

f(xi,x 2 ,...,x n )= ^2 aixi, 

/C{l,2,...,n} 

where ai £ Z m , xi = Ilie/ x i- Then we say that 

g(xi,x 2 , ■ ■ ■ ,x n ) = b i x i' 

IC{l,2,...,n} 

is an 

• alternative representation of f modulo m, if 

V/C {1,2,... ,n} 3j G {1,2,..., £} : oj = 6/ (modpj); 

• 0-a-strong representation of f modulo m, if it is an alternative representation, and, 
furthermore, if for some i, a\ ^ bj (mod pi 1 ), then bj = (mod p^); 

• 1-a-strong representation of f modulo m, if it is an alternative representation, and, 
furthermore, if for some i, aj ^ bj (mod p^ 1 ), then aj = (mod m); 

Example 2 Let m = 6, and let f(xi,X2,xs) = x\x 2 + 2:2^3 + ^1^3; then 

g(xi,x 2 , , x 3 ) = 3xix 2 + 4x 2 x 3 + xix 3 

is a 0-a-strong representation of f modulo 6; 

g(xi,x 2 , ,x 3 ) = xix 2 + x 2 x 3 + X1X3 + 3xf + 4x 2 

is a 1-a-strong representation of f modulo 6; 

g{xi,x 2 , , £3) = 3xix 2 + 4x 2 x 3 + x\x 3 + 2>x\ + 4x 2 

is an alternative representation modulo 6. 

In other words, for modulus 6, in the alternative representation, each coefficient is correct 
either modulo 2 or modulo 3, but not necessarily both. 

In the 0-a-strong representation, the coefficients are always correct both modulo 2 and 
3, the non-zeroes are allowed to be correct either modulo 2 or 3, and if they are not correct 
modulo one of them, say 2, then they should be mod 2. 

In the 1-a-strong representation, the non-zero coefficients of / are correct for both moduli 
in g, but the zero coefficients of / can be non-zero either modulo 2 or modulo 3 in g, but not 
both. 

We considered elementary symmetric polynomials 

s k n = e 

/C{l,2,...,n} ig/ 

7|=fe 

in |Gro 02 . and proved that for constant fe's, 0-a-strong representations of elementary sym- 
metric polynomials can be computed dramatically faster over non-prime-power composites 
than over primes: we gave a depth-3 multilinear arithmetic circuit with sub-polynomial num- 
ber of multiplications (i.e., n £ , Ve > 0), while over fields or prime moduli computing these 
polynomials on depth-3 multilinear circuits needs polynomial (i.e., n^ 1 )) multiplications. 
In particular, we proved the following theorem: 
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Theorem 3 ( [G ro02] ) (i) Let m = p\P2, where p\ ^ p2 are primes. Then a degree-2 
0-a-strong representation of 

»J£{l,2,...,n} 

modulo m: 

Y aijXiyj (1) 

ijS{l,2,...,n} 

can be computed on a bilinear SIIS circuit of size 



exp (O ( y/log n log log n)). 

Moreover, this representation satisfies that \/i ^ j : aij = aji . 

(ii) Let the prime decomposition of m = p^p^ • • ~P% r ■ Then a degree-2 0-a-strong represen- 
tation of S^(x,y) modulo m of the form (1) can be computed on a bilinear circuit 
of size 



exp \ yylog n(log log n) r 1 

Moreover, this representation satisfies that Vi ^ j : Oy = au . 

□ 

Corollary 4 The 0-a-strong representation of (1) can be computed using 



exp(0(\/log n log log n)) 

multiplications. 

Proof: The proof immediately follows from Theorem|3J and the definition of SITS circuits, 
given m |Gro02j . □ 

Now we prove the following 

Theorem 5 (i) Let m = P1P2, where p\ ^ p2 are primes. Then a degree-2 1-a-strong 
representation of the dot-product 

n 

f(xx,X2, . . .,x n ,yi,y 2 , ...,y n ) = ^Xiyi 



i=i 



can be computed with 

exp (O ( \/log n log log re) ) (2) 

multiplications. 

(ii) Let the prime decomposition of m = p^P^ ' ' ' Pr r ■ Then a degree-2 1-a-strong repre- 
sentation of the dot-product f modulo m can be computed using 



exp ( 0\ {/logre(loglogre) r ~ 1 ) ) (3) 

multiplications. 
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(Hi) Moreover, the representations of (i) and (ii) can be computed on bilinear SnS circuits 
of size (2), and (3), respectively. 

Proof: Let g(x, y) = g(x±,X2, ■ ■ ■ , x n , 2/i, 2/2 ; • • • > Un) be the degree-2 polynomial from The- 
orem |31 which is a 0-a-strong representation of S^(x,y). Then consider polynomial 

h(x, y) = (xi+x 2 + ... + x n )(yi+y 2 + ■■■ + y n ) - g(x, y). 

In h(x,y), the coefficients of monomials Xiyi are all l's modulo m, and the coefficients of 
monomials Xj2/j> for i 7^ j are at least for one prime-power divisor of m. Consequently, by 
Definition^ h{x,y) is a 1-a-strong representation of the dot-product f(x,y). □ 

In contrast, as we proved in |Gro02j . the 0-a-strong representation of the dot-product 
cannot be computed with few multiplications: 

Theorem 6 f| Gro02p Let 

n 

f(xi,x 2 , ■ ■ • , x n , 2/1, 2/2, • • • , Vn) = 

i=i 

be the inner product function. Suppose that a SLTS circuit computes an a-strong representa- 
tion of f modulo 6. Then the circuit must have at least Q.(n) multiplication gates. 

□ 

Definition 7 Let A = {aij} and B = {bij} be two n x n matrices over Z m . Then C = {cij} 
is the alternative (1-a-strong, 0-a-strong) representation of the product-matrix AB, if for 
1 < i, j < n , Cij is an alternative (1-a-strong, 0-a-strong) representation of polynomial 

n 
k=l 

modulo m, respectively. 

Our main theorem here is 

Theorem 8 (i) Suppose that m has two distinct prime divisors. Then a 1-a-strong repre- 
sentation modulo m of AB can be computed using 

n 2 2 0(Vlogn(loglogn)) = n 2+o(l) ( 4 ) 

multiplications. 

(ii) Suppose that m has r distinct prime divisors. Then a 1-a-strong representation modulo 
m of AB can be computed using 



n 2 2 0(Vl°g™(loglogn)'- 1 ) =n 2+o(l) ( 5 ) 

multiplications. 

(Hi) Moreover, the representations of (i) and (ii) can be computed on bilinear SIIS circuits 
of size (4), and (5), respectively. 

The proof is immediate by applying n 2 -times the representation of the dot-product, im- 
plied by Theorem [3 □ 
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3 On 1-a-strong representations 

The following lemma describes some useful properties of the 1-a-strong representations. Be- 
fore stating it, we need a 

Definition 9 Let g be the 1-a-strong representation of polynomial f modulo m = 
pTpT " ' pT ■ Then those monomials, which appears in g, but not in f, with a non-zero 
coefficient modulo m are called surplus monomials. Let g' be the 1-a-strong representation 
of polynomial f modulo m. We say, that g and g' have disjoint surpluses, if the set of the 
monomials in their surpluses are disjoint. We say that they have compatible surpluses, if a 
monomial xi is present with coefficient aj in the surplus of g and with coefficient a'j in the 
surplus of g' , then there exist an i : 1 < i < I, such that 

ai = = a'j (mod p\ z ). 

Note, that the coefficients of the surplus monomials are zero modulo at least one prime- 
power divisor of m. The reason of defining disjoint and compatible surplus is the fact, that 
the sum of surplus monomials may have a non-zero coefficient for all prime divisors of m, 
e.g., if 3xy can be a surplus mod 6, Axy can be a surplus mod 6, but their sum, xy cannot 
be a surplus modulo 6. Consequently, in general, the sum of the 1-a-strong representations 
is not a 1-a-strong representation of the sum of the original polynomials. 

Lemma 10 Let f and f be polynomials over the ring Z m , and let g and g' their 1-a-strong 
representations modulo m. Then 

(i) gg' is a 1-a-strong representation of f f modulo m. 

(ii) Suppose, that g and g' have either disjoint or compatible surpluses modulo m. Then 
g + g' is a 1-a-strong representation modulo m. 

Proof: If ajxj is a surplus monomial, then its product with anything else will be zero 
(mod p?*) for some i, since aj = (mod pf'). If xj is not a surplus in g and xj is not a 
surplus in g', then their coefficients are equal to the corresponding coefficients in / and /', 
respectively, thus their product may have a zero coefficient in gg' , but then the corresponding 
coefficient is also zero in //'; this proves (i). If aj is zero (mod pp), and a'j is zero 
(mod p\ l ) , then ai + a'j is also zero (mod p^ ) , this proves (ii) . □ 

4 Open problems 

It would be interesting to compute 0-a-strong representations of the matrix product or the 
matrix-vector product using fewer multiplications than the currently best known algorithms 
for computing the exact values. 
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